ssl

Superelements

Subelements

none

Attributes

The following table describes attributes for the SSL element.

Table C–139 ssl attributes

Attribute

Default

Description

cert-nickname

s1as

(optional) The nickname of the server certificate in the certificate
database or the PKCS#11 token. In the certificate, the name format is tokenname:nickname.
Including the tokenname: part
of the name in this attribute is optional.

ssl2-enabled

false

(optional) Determines whether SSL2 is enabled.

ssl2-ciphers

none

(optional) A space-separated list of the SSL2 ciphers used with the
prefix + to enable or - to disable. For example, +rc4.
Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3.

ssl3-enabled

true

(optional) Determines whether SSL3 is enabled.

ssl3-tls-ciphers

none

(optional) A space-separated list of the SSL3 ciphers used, with the
prefix + to enable or - to disable,
for example +SSL_RSA_WITH_RC4_128_MD5. Allowed values are SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_WITH_NULL_MD5, SSL_RSA_WITH_RC4_128_SHA,
and SSL_RSA_WITH_NULL_SHA. Values available in previous
releases are supported for backward compatibility.